Since the Tufin T-500 appliance has the TufinOS and SecureTrack pre-installed, the install process was conducted on a VMware appliance. Installation was quick, with no problem. After we saved the settings, the login screen appeared and we could access the Tufin SecureTrack server.
The screen has icons for Policy Change Reports, Rule Usage Statistics, Security Risk Reports and Best Practices Audit. Users can choose to be notified immediately of policy changes and to receive weekly reports.
Tufin SecureTrack categorises the devices it can monitor as Devices, Plugins and Firewall OS Monitoring. Plugins are preinstalled for Blue Coat ProxySG, F5 Big IP and Linux iptables. We also could select plugins for devices from Check Point, Cisco, Juniper, Fortinet, Blue Coat, F5 and others. The tab for Firewall OS Monitoring is a separately licensed feature for extending SecureTrack to use SNMP for device changes, in addition to monitoring.
Optimisation and cleanup is a big part of SecureTrack's capabilities. With the goal of ensuring the rule base is not in violation of corporate and regulatory compliance, SecureTrack continually monitors firewalls, routers and switches. The SecureTrack Compare feature lists the number of recent revisions next to the device name. New revision alerts appear when revisions are generated. The Revision List can be filtered based on 10 attributes.
We used SecureTrack Analyzer to identify overlapping and redundant rules. To access predefined best practice policies that are stored in the SecureTrack database, we used the Audit and Compliance option. There are best practice checks for all firewalls and specific firewalls such as Check Point. SecureTrack also offers predefined policy analysis audits for PCI-DSS compliance. You can also set up alerts to be sent when security policy rule changes are made.
We found the browser dashboard to be crisp and well laid out. We liked the Compare Analysis option for comparing firewall revisions and maintaining the audit trail. Users familiar with the interfaces and screen presentations of major firewall vendors will appreciate this feature.
Custom firewall audits were created with the SecureTrack Audit wizard for detailed answers on compliance policies. An impressive list of predefined audit templates can be selected with a wizard, thereby saving time. There is also a predefined PCI-DSS audit analysis feature used to create reports for audit policy with a summary detailing the compliance verification.
We liked the Security Trend analysis reports with charts, graphs and a summary table displaying risk scoring. Tufin does not base the scores on the CVSS as is common practice with similar products. We did find SecureTrack to be a good product for auditing and maintaining compliance with best practices based on industry and corporate policies.